Hello community,
here is the log from the commit of package python-paramiko for openSUSE:Factory
checked in at 2019-02-17 12:19:00
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-paramiko (Old)
and /work/SRC/openSUSE:Factory/.python-paramiko.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-paramiko"
Sun Feb 17 12:19:00 2019 rev:43 rq:676253 version:2.4.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-paramiko/python-paramiko.changes
2019-01-08 12:17:16.688993221 +0100
+++
/work/SRC/openSUSE:Factory/.python-paramiko.new.28833/python-paramiko.changes
2019-02-17 12:19:03.680238144 +0100
@@ -1,0 +2,16 @@
+Thu Feb 14 20:49:56 UTC 2019 - Hans-Peter Jansen <[email protected]>
+
+- add empty line after %autopatch: build fails up to 42.3 otherwise
+
+-------------------------------------------------------------------
+Thu Feb 14 17:00:13 UTC 2019 - Ondřej Súkup <[email protected]>
+
+- drop python-pytest_relaxed dependency
+- add patches:
+ 1311.patch - fix warnings
+ 1379.patch - fix support for gssapi
+ relaxed.patch - remove unnecessary pytest_relaxed dep
+- remove patch:
+ disable-gssapi.patch - supersseded
+
+-------------------------------------------------------------------
Old:
----
disable-gssapi.patch
New:
----
1311.patch
1379.patch
relaxed.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-paramiko.spec ++++++
--- /var/tmp/diff_new_pack.mEWITf/_old 2019-02-17 12:19:06.248237440 +0100
+++ /var/tmp/diff_new_pack.mEWITf/_new 2019-02-17 12:19:06.264237435 +0100
@@ -29,22 +29,25 @@
# certificates needed by testsuite
Source1: cert_support.tar.gz
Patch0: paramiko-test_extend_timeout.patch
-Patch1: disable-gssapi.patch
+Patch2: relaxed.patch
+Patch3: 1311.patch
+Patch4: 1379.patch
BuildRequires: %{python_module PyNaCl >= 1.0.1}
BuildRequires: %{python_module bcrypt >= 3.1.3}
-BuildRequires: %{python_module cryptography >= 1.1}
+BuildRequires: %{python_module cryptography >= 2.5}
+BuildRequires: %{python_module gssapi}
BuildRequires: %{python_module pyasn1 >= 0.1.7}
BuildRequires: %{python_module setuptools}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
+Recommends: python-gssapi
Requires: python-PyNaCl >= 1.0.1
Requires: python-bcrypt >= 3.1.3
-Requires: python-cryptography >= 1.5
+Requires: python-cryptography >= 2.5
Requires: python-pyasn1 >= 0.1.7
BuildArch: noarch
%if %{with test}
BuildRequires: %{python_module mock}
-BuildRequires: %{python_module pytest-relaxed}
BuildRequires: %{python_module pytest}
%endif
%python_subpackages
@@ -70,8 +73,8 @@
%prep
%setup -q -n paramiko-%{version}
-%patch0 -p1
-%patch1 -p1
+%autopatch -p1
+
# Fix non-executable script rpmlint issue:
find demos -name "*.py" -exec sed -i "/#\!\/usr\/bin\/.*/d" {} \;
tar xvzf %{SOURCE1} -C tests/
++++++ disable-gssapi.patch -> 1311.patch ++++++
++++ 1173 lines (skipped)
++++ between /work/SRC/openSUSE:Factory/python-paramiko/disable-gssapi.patch
++++ and /work/SRC/openSUSE:Factory/.python-paramiko.new.28833/1311.patch
++++++ disable-gssapi.patch -> 1379.patch ++++++
--- /work/SRC/openSUSE:Factory/python-paramiko/disable-gssapi.patch
2018-11-18 23:21:24.730262748 +0100
+++ /work/SRC/openSUSE:Factory/.python-paramiko.new.28833/1379.patch
2019-02-17 12:19:03.484238198 +0100
@@ -1,13 +1,172 @@
-Index: paramiko-2.4.2/paramiko/ssh_gss.py
+From 36fbe57629cbbb7bf0f4a1e98c43352b82fe181d Mon Sep 17 00:00:00 2001
+From: Andrew Wason <[email protected]>
+Date: Wed, 6 Feb 2019 10:56:53 -0500
+Subject: [PATCH 1/4] Move to cryptography 2.5 and stop using deprecated APIs.
+
+Fixes #1369
+---
+ paramiko/ecdsakey.py | 4 ++--
+ paramiko/kex_ecdh_nist.py | 37 +++++++++++++++++++++++++++++--------
+ setup.py | 2 +-
+ tests/test_kex.py | 12 ++++++------
+ 5 files changed, 40 insertions(+), 19 deletions(-)
+
+Index: paramiko-2.4.2/paramiko/ecdsakey.py
===================================================================
---- paramiko-2.4.2.orig/paramiko/ssh_gss.py
-+++ paramiko-2.4.2/paramiko/ssh_gss.py
-@@ -53,7 +53,7 @@ try:
- import gssapi
-
- GSS_EXCEPTIONS = (gssapi.GSSException,)
--except (ImportError, OSError):
-+except (ImportError, OSError, AttributeError):
- try:
- import pywintypes
- import sspicon
+--- paramiko-2.4.2.orig/paramiko/ecdsakey.py
++++ paramiko-2.4.2/paramiko/ecdsakey.py
+@@ -160,12 +160,12 @@ class ECDSAKey(PKey):
+
+ pointinfo = msg.get_binary()
+ try:
+- numbers = ec.EllipticCurvePublicNumbers.from_encoded_point(
++ key = ec.EllipticCurvePublicKey.from_encoded_point(
+ self.ecdsa_curve.curve_class(), pointinfo
+ )
++ self.verifying_key = key
+ except ValueError:
+ raise SSHException("Invalid public key")
+- self.verifying_key = numbers.public_key(backend=default_backend())
+
+ @classmethod
+ def supported_key_format_identifiers(cls):
+Index: paramiko-2.4.2/paramiko/kex_ecdh_nist.py
+===================================================================
+--- paramiko-2.4.2.orig/paramiko/kex_ecdh_nist.py
++++ paramiko-2.4.2/paramiko/kex_ecdh_nist.py
+@@ -9,6 +9,7 @@ from paramiko.py3compat import byte_chr,
+ from paramiko.ssh_exception import SSHException
+ from cryptography.hazmat.backends import default_backend
+ from cryptography.hazmat.primitives.asymmetric import ec
++from cryptography.hazmat.primitives import serialization
+ from binascii import hexlify
+
+ _MSG_KEXECDH_INIT, _MSG_KEXECDH_REPLY = range(30, 32)
+@@ -36,7 +37,12 @@ class KexNistp256:
+ m = Message()
+ m.add_byte(c_MSG_KEXECDH_INIT)
+ # SEC1: V2.0 2.3.3 Elliptic-Curve-Point-to-Octet-String Conversion
+- m.add_string(self.Q_C.public_numbers().encode_point())
++ m.add_string(
++ self.Q_C.public_bytes(
++ serialization.Encoding.X962,
++ serialization.PublicFormat.UncompressedPoint,
++ )
++ )
+ self.transport._send_message(m)
+ self.transport._expect_packet(_MSG_KEXECDH_REPLY)
+
+@@ -58,11 +64,11 @@ class KexNistp256:
+
+ def _parse_kexecdh_init(self, m):
+ Q_C_bytes = m.get_string()
+- self.Q_C = ec.EllipticCurvePublicNumbers.from_encoded_point(
++ self.Q_C = ec.EllipticCurvePublicKey.from_encoded_point(
+ self.curve, Q_C_bytes
+ )
+ K_S = self.transport.get_server_key().asbytes()
+- K = self.P.exchange(ec.ECDH(), self.Q_C.public_key(default_backend()))
++ K = self.P.exchange(ec.ECDH(), self.Q_C)
+ K = long(hexlify(K), 16)
+ # compute exchange hash
+ hm = Message()
+@@ -75,7 +81,12 @@ class KexNistp256:
+ hm.add_string(K_S)
+ hm.add_string(Q_C_bytes)
+ # SEC1: V2.0 2.3.3 Elliptic-Curve-Point-to-Octet-String Conversion
+- hm.add_string(self.Q_S.public_numbers().encode_point())
++ hm.add_string(
++ self.Q_S.public_bytes(
++ serialization.Encoding.X962,
++ serialization.PublicFormat.UncompressedPoint,
++ )
++ )
+ hm.add_mpint(long(K))
+ H = self.hash_algo(hm.asbytes()).digest()
+ self.transport._set_K_H(K, H)
+@@ -84,7 +95,12 @@ class KexNistp256:
+ m = Message()
+ m.add_byte(c_MSG_KEXECDH_REPLY)
+ m.add_string(K_S)
+- m.add_string(self.Q_S.public_numbers().encode_point())
++ m.add_string(
++ self.Q_S.public_bytes(
++ serialization.Encoding.X962,
++ serialization.PublicFormat.UncompressedPoint,
++ )
++ )
+ m.add_string(sig)
+ self.transport._send_message(m)
+ self.transport._activate_outbound()
+@@ -92,11 +108,11 @@ class KexNistp256:
+ def _parse_kexecdh_reply(self, m):
+ K_S = m.get_string()
+ Q_S_bytes = m.get_string()
+- self.Q_S = ec.EllipticCurvePublicNumbers.from_encoded_point(
++ self.Q_S = ec.EllipticCurvePublicKey.from_encoded_point(
+ self.curve, Q_S_bytes
+ )
+ sig = m.get_binary()
+- K = self.P.exchange(ec.ECDH(), self.Q_S.public_key(default_backend()))
++ K = self.P.exchange(ec.ECDH(), self.Q_S)
+ K = long(hexlify(K), 16)
+ # compute exchange hash and verify signature
+ hm = Message()
+@@ -108,7 +124,12 @@ class KexNistp256:
+ )
+ hm.add_string(K_S)
+ # SEC1: V2.0 2.3.3 Elliptic-Curve-Point-to-Octet-String Conversion
+- hm.add_string(self.Q_C.public_numbers().encode_point())
++ hm.add_string(
++ self.Q_C.public_bytes(
++ serialization.Encoding.X962,
++ serialization.PublicFormat.UncompressedPoint,
++ )
++ )
+ hm.add_string(Q_S_bytes)
+ hm.add_mpint(K)
+ self.transport._set_K_H(K, self.hash_algo(hm.asbytes()).digest())
+Index: paramiko-2.4.2/setup.py
+===================================================================
+--- paramiko-2.4.2.orig/setup.py
++++ paramiko-2.4.2/setup.py
+@@ -73,7 +73,7 @@ setup(
+ ],
+ install_requires=[
+ "bcrypt>=3.1.3",
+- "cryptography>=1.5",
++ "cryptography>=2.5",
+ "pynacl>=1.0.1",
+ "pyasn1>=0.1.7",
+ ],
+Index: paramiko-2.4.2/tests/test_kex.py
+===================================================================
+--- paramiko-2.4.2.orig/tests/test_kex.py
++++ paramiko-2.4.2/tests/test_kex.py
+@@ -42,20 +42,20 @@ def dummy_urandom(n):
+ def dummy_generate_key_pair(obj):
+ private_key_value =
94761803665136558137557783047955027733968423115106677159790289642479432803037
+ public_key_numbers =
"042bdab212fa8ba1b7c843301682a4db424d307246c7e1e6083c41d9ca7b098bf30b3d63e2ec6278488c135360456cc054b3444ecc45998c08894cbc1370f5f989"
+- public_key_numbers_obj = ec.EllipticCurvePublicNumbers.from_encoded_point(
++ public_key_numbers_obj = ec.EllipticCurvePublicKey.from_encoded_point(
+ ec.SECP256R1(), unhexlify(public_key_numbers)
+- )
++ ).public_numbers()
+ obj.P = ec.EllipticCurvePrivateNumbers(
+ private_value=private_key_value, public_numbers=public_key_numbers_obj
+ ).private_key(default_backend())
+ if obj.transport.server_mode:
+- obj.Q_S = ec.EllipticCurvePublicNumbers.from_encoded_point(
++ obj.Q_S = ec.EllipticCurvePublicKey.from_encoded_point(
+ ec.SECP256R1(), unhexlify(public_key_numbers)
+- ).public_key(default_backend())
++ )
+ return
+- obj.Q_C = ec.EllipticCurvePublicNumbers.from_encoded_point(
++ obj.Q_C = ec.EllipticCurvePublicKey.from_encoded_point(
+ ec.SECP256R1(), unhexlify(public_key_numbers)
+- ).public_key(default_backend())
++ )
+
+
+ class FakeKey(object):
++++++ relaxed.patch ++++++
--- paramiko-2.4.2.orig/tests/test_client.py
+++ paramiko-2.4.2/tests/test_client.py
@@ -33,7 +33,7 @@ import warnings
import weakref
from tempfile import mkstemp
-from pytest_relaxed import raises
+import pytest
import paramiko
from paramiko.pkey import PublicBlob
@@ -662,7 +662,7 @@ class PasswordPassphraseTests(ClientTest):
# TODO: more granular exception pending #387; should be signaling "no auth
# methods available" because no key and no password
- @raises(SSHException)
+ @pytest.mark.xfail(raises=SSHException)
def test_passphrase_kwarg_not_used_for_password_auth(self):
# Using the "right" password in the "wrong" field shouldn't work.
self._test_connection(passphrase="pygmalion")
@@ -683,7 +683,7 @@ class PasswordPassphraseTests(ClientTest):
password="television",
)
- @raises(AuthenticationException) # TODO: more granular
+ @pytest.mark.xfail(raises=AuthenticationException) # TODO: more granular
def
test_password_kwarg_not_used_for_passphrase_when_passphrase_kwarg_given(
self
): # noqa
